Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/yQS06FS8Kb3tL3c_INfz6tcls7c.roa
File: yQS06FS8Kb3tL3c_INfz6tcls7c.roa (raw, json)
Hash identifier: VS0oMOBbUoomdpY/vv90ZrQP2VTGD3GNWWmMcTKUVb4=
Subject key identifier: C9:04:B4:E8:54:BC:29:BD:ED:2F:77:3F:20:D7:F3:EA:D7:25:B3:B7
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 018CC9BCB38CCE0F9717AB2E1C03A29BD755
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/yQS06FS8Kb3tL3c_INfz6tcls7c.roa
Signing time: Tue 02 Jan 2024 10:33:56 +0000
ROA not before: Tue 02 Jan 2024 10:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41998
IP address blocks: 62.152.160.0/19 maxlen: 19
185.108.230.0/23 maxlen: 23
185.36.120.0/22 maxlen: 22
217.78.160.0/20 maxlen: 20
188.93.216.0/21 maxlen: 21
217.66.136.0/21 maxlen: 21
31.25.40.0/21 maxlen: 21
37.25.48.0/21 maxlen: 21
185.3.80.0/22 maxlen: 22
145.14.192.0/20 maxlen: 20
83.242.36.0/22 maxlen: 22
83.242.40.0/21 maxlen: 21
83.242.48.0/20 maxlen: 20
153.92.80.0/20 maxlen: 20
171.33.176.0/22 maxlen: 22
213.153.68.0/22 maxlen: 22
213.153.76.0/22 maxlen: 22
171.33.180.0/22 maxlen: 22
213.153.84.0/22 maxlen: 22
213.153.80.0/22 maxlen: 22
213.153.88.0/22 maxlen: 22
93.118.0.0/21 maxlen: 21
94.176.240.0/20 maxlen: 20
213.153.92.0/22 maxlen: 22
93.118.8.0/21 maxlen: 21
93.118.16.0/21 maxlen: 21
93.118.24.0/21 maxlen: 21
94.124.208.0/21 maxlen: 21
188.244.100.0/22 maxlen: 22
46.182.136.0/21 maxlen: 21
194.140.112.0/20 maxlen: 20
91.103.112.0/21 maxlen: 21
212.86.176.0/22 maxlen: 22
212.86.184.0/22 maxlen: 22
5.42.136.0/22 maxlen: 22
5.42.140.0/22 maxlen: 22
185.61.28.0/22 maxlen: 22
2a02:17b0::/32 maxlen: 32
2a00:79c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 28 Feb 2024 14:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b3:8c:ce:0f:97:17:ab:2e:1c:03:a2:9b:d7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Jan 2 10:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c904b4e854bc29bded2f773f20d7f3ead725b3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d0:37:c7:ca:15:82:ce:31:a9:ba:3d:c2:cf:
90:f3:05:e2:1e:65:04:b7:6b:31:05:0e:e9:78:09:
94:26:e7:3a:91:3c:be:cc:e4:8d:f1:89:5c:10:f8:
60:15:11:62:d9:02:24:9c:07:73:e6:09:1b:91:a7:
5a:78:e9:9c:16:6a:70:61:0d:47:2e:7f:90:01:f6:
1b:d5:7e:ff:f9:e9:b8:de:de:da:9f:92:f7:29:ab:
83:46:90:c5:92:fc:54:4b:63:f2:2d:04:76:00:01:
01:5e:27:3f:91:f4:d5:3b:25:fd:34:55:05:61:ca:
7e:26:6b:a1:aa:a5:3f:16:63:36:10:e4:9f:d9:1e:
d3:db:52:4e:f8:64:bc:e1:47:6c:24:96:cc:d5:28:
9b:3b:22:85:2d:d9:27:0f:49:b1:01:60:d5:e9:1e:
18:a7:ec:e6:85:06:1a:b2:0c:c5:86:6a:53:57:9a:
b1:ea:03:3a:06:95:fa:af:27:23:8b:56:d7:c3:59:
f1:11:a8:05:93:d4:bd:5d:5a:23:56:5e:c4:ed:6b:
a2:37:35:8d:2b:0e:21:4c:e1:4c:47:8a:2d:ef:5c:
b8:bc:87:b2:06:f2:c3:0f:d6:d6:8e:4b:18:f2:78:
e9:1a:67:9d:e4:b3:59:01:94:8d:41:9b:9f:f4:76:
2c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:04:B4:E8:54:BC:29:BD:ED:2F:77:3F:20:D7:F3:EA:D7:25:B3:B7
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/yQS06FS8Kb3tL3c_INfz6tcls7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.136.0/21
31.25.40.0/21
37.25.48.0/21
46.182.136.0/21
62.152.160.0/19
83.242.36.0-83.242.63.255
91.103.112.0/21
93.118.0.0/19
94.124.208.0/21
94.176.240.0/20
145.14.192.0/20
153.92.80.0/20
171.33.176.0/21
185.3.80.0/22
185.36.120.0/22
185.61.28.0/22
185.108.230.0/23
188.93.216.0/21
188.244.100.0/22
194.140.112.0/20
212.86.176.0/22
212.86.184.0/22
213.153.68.0/22
213.153.76.0-213.153.95.255
217.66.136.0/21
217.78.160.0/20
IPv6:
2a00:79c0::/32
2a02:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
85:0d:c6:98:61:91:a0:8a:42:bd:b2:79:04:f4:2c:6f:4c:35:
26:e4:6e:b9:96:7e:93:75:4e:2f:d2:b1:05:19:85:d8:c4:5e:
cc:de:7f:42:d5:af:5f:5f:34:17:c2:9f:63:36:49:ec:0a:b6:
b9:6f:d5:d6:de:b2:f8:59:08:33:66:ea:4b:e6:76:5c:56:7d:
1d:68:68:f3:77:26:fd:19:64:d2:d2:a1:9f:30:31:92:a5:05:
d6:01:00:c4:8b:d3:28:ac:b7:51:6f:83:c0:4b:60:7d:51:6e:
8e:8c:3b:7d:72:8c:73:9e:c1:51:4b:b3:fc:cf:38:da:26:e5:
59:b6:6a:94:e7:53:95:a7:5d:cb:03:a3:44:62:b8:b6:36:d5:
84:a7:43:37:c9:10:33:d2:d5:5e:8b:9b:ba:f5:32:53:50:4a:
15:d7:c6:bb:4a:80:c6:86:96:b4:74:d8:a8:9c:6e:5a:96:dd:
88:be:aa:33:5c:dc:ff:a3:a4:11:e0:6e:9f:5c:bf:c2:16:d8:
cd:3c:b6:37:57:3f:06:ac:a9:d6:98:95:ae:d5:42:3e:6c:2d:
bb:4f:5e:a4:8a:7f:18:e5:5e:92:21:16:12:c9:d0:a7:bf:3e:
1a:e4:84:ca:15:c7:e1:8a:61:37:ba:d0:91:45:e9:f0:9e:cc:
6a:35:4c:df
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYzJvLOMzg+XF6suHAOim9dVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjQwMTAyMTAzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA0YjRlODU0YmMyOWJkZWQyZjc3M2YyMGQ3ZjNlYWQ3MjViM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdA3x8oVgs4xqbo9ws+Q8wXiHmUE
t2sxBQ7peAmUJuc6kTy+zOSN8YlcEPhgFRFi2QIknAdz5gkbkadaeOmcFmpwYQ1H
Ln+QAfYb1X7/+em43t7an5L3KauDRpDFkvxUS2PyLQR2AAEBXic/kfTVOyX9NFUF
Ycp+JmuhqqU/FmM2EOSf2R7T21JO+GS84UdsJJbM1SibOyKFLdknD0mxAWDV6R4Y
p+zmhQYasgzFhmpTV5qx6gM6BpX6rycji1bXw1nxEagFk9S9XVojVl7E7WuiNzWN
Kw4hTOFMR4ot71y4vIeyBvLDD9bWjksY8njpGmed5LNZAZSNQZuf9HYsYQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFMkEtOhUvCm97S93PyDX8+rXJbO3MB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEveVFTMDZGUzhLYjN0TDNjX0lOZno2dGNsczdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBswQCAAEwgawDBAMF
KogDBAMfGSgDBAMlGTADBAMutogDBAU+mKAwDAMEAlPyJAMEBlPyAAMEA1tncAME
BV12AAMEA1580AMEBF6w8AMEBJEOwAMEBJlcUAMEA6shsAMEArkDUAMEArkkeAME
Ark9HAMEAbls5gMEA7xd2AMEArz0ZAMEBMKMcAMEAtRWsAMEAtRWuAMEAtWZRDAM
AwQC1ZlMAwQF1ZlAAwQD2UKIAwQE2U6gMBQEAgACMA4DBQAqAHnAAwUAKgIXsDAN
BgkqhkiG9w0BAQsFAAOCAQEAhQ3GmGGRoIpCvbJ5BPQsb0w1JuRuuZZ+k3VOL9Kx
BRmF2MRezN5/QtWvX180F8KfYzZJ7Aq2uW/V1t6y+FkIM2bqS+Z2XFZ9HWho83cm
/Rlk0tKhnzAxkqUF1gEAxIvTKKy3UW+DwEtgfVFujow7fXKMc57BUUuz/M842ibl
WbZqlOdTladdywOjRGK4tjbVhKdDN8kQM9LVXoubuvUyU1BKFdfGu0qAxoaWtHTY
qJxuWpbdiL6qM1zc/6OkEeBun1y/whbYzTy2N1c/Bqyp1piVrtVCPmwtu09epIp/
GOVekiEWEsnQp78+GuSEyhXH4YphN7rQkUXp8J7MajVM3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:14 2024 by rpki-client on console-ams.rpki-client.org